<?php
/**
 * J!Dump
 * @version      $Id$
 * @package      jdump
 * @copyright    Copyright (C) 2007 Mathias Verraes. All rights reserved.
 * @license      GNU/GPL
 * @link         https://github.com/mathiasverraes/jdump
 */
defined( '_JEXEC' ) or die( 'Restricted access' );

jimport( 'joomla.event.helper' );

class plgSystemAuth extends JPlugin {
    function plgSystemAuth(& $subject, $params) {
        parent::__construct($subject, $params);
    }

    function onAfterRoute() {
        $mainframe = JFactory::getApplication();
        // get user present
        $user = &JFactory::getUser();
        $userGroup = implode('',$user->groups);

        // message 
        $function = JRequest::getCmd('option');
        
        // case exception permission what we don't need care
        $exceptions = $this->getException();

        if( in_array($function, $exceptions) || !$function){
           return;
        }

        // method
        $task = JRequest::getWord('task', 'display');

        //die ('auth');
        // register name method
        $assign = array(
            'add'       => 'PRRM_INSERT',
            'edit'      => 'PRRM_UPDATE',
            'remove'    => 'PRRM_DELETE',
            'editown'   => 'PRRM_EDITOWN', 
            'display'   => 'PRRM_DISPLAY',  
            'useradd'  => 'PRRM_INSERT',      
            'useredit' => 'PRRM_UPDATE'   
        );

        // case task permission not in add, edit, remove, display => we don't need care
        if(!in_array($task, array_keys($assign))){
            return;
        }

        // get array permission
        $permission = $this->getPermission($userGroup, $function);
         
        if($permission['PRRM_INSERT'] || $permission['PRRM_UPDATE'] || $permission['PRRM_DELETE'] || $permission['PRRM_EDITOWN']){
            $permission['PRRM_DISPLAY'] = 1;
        }

        if( $permission[$assign[$task]] != 1){
            
            echo '<div id="access">
                    <h1>ACCESS DENIED</h1>
                    <a href="index.php">Home</a>
                </div>';
            die;
            //$mainframe->redirect('index.php');
        }
   
    }
    
    public function getPermission($userGroup, $function){
        $db = &JFactory::getDbo();
        $query = "SELECT PRRM_INSERT,PRRM_UPDATE,PRRM_DELETE,PRRM_EDITOWN
                    FROM perm
                    WHERE PRRM_GRUM_CODE = '$userGroup'
                        AND PRRM_FUNC_CODE = '$function'";

        $db->setQuery($query);
        // get array permission
        return $db->loadAssoc();
    }
    
    public function getPermissionStatic(){
    	include JURI::root().'plugins/system/auth/perm.php';
    }    
    
    
    /**
     * plgSystemAuth::getException()
     * This is components what don't need permission
     * @return
     */
    public function getException(){
    	return array('com_import', 
                        'com_config', 
                        'com_cpanel', //Chua
                        'com_menus', 
                        'com_dump', 
                        'com_content',
                        'com_popup',
                        'com_installer', 
                        'com_permission', //Chua
                        'com_plugins',
                        'com_modules',
                        'com_sitemap',
                        'com_sync',
                        'com_languages',
                        'com_mailbath',
                        'com_jce');
    }
}
